Skip to main content

Mock SAML 2.0 Identity Provider

Project description

Mock IDP

Ever needed to test an SSO setup but don't have access to the IDP for whatever reason?

Mock IDP provides a SAML2.0 IDP using POST bindings without need for a user database or complicated enterprise software setup.

Prerequisites

Mock-idp requires python 3.6 and pip

Installation

Install and run mock-idp using Pip:

$ pip3 install mock-idp
$ mock-idp
...

Configuration File

To override the system configuration create a config file. The service loads config files in the following order:

  1. mockidp.yaml in the current working directory
  2. ~/.mockidp.yaml in your home directory
  3. /etc/mockidp.yaml in the global config directory
  4. internal default config file shipped with the service package

Here is a sample (copy of built-in config) file to start with:

service_providers:
  - name: "local:service:author"
    response_url: "http://localhost:3000/saml_login"

users:
  charlie:
    first_name: "Charlie"
    last_name: "Brown"
    email: "charlie@gmail.com"
    password: snoopy
  linus:
    first_name: "Linus"
    last_name: "van Pelt"
    email: "linus@gmail.com"
    password: pumpkin
  lucy:
    password: charlie
    first_name: "Lucy"
    last_name: "van Pelt"
    email: "lucy@gmail.com"
  peppermint:
    first_name: "Peppermint"
    last_name: "Patty"
    email: "peppermint@gmail.com"
    password: peppermint

Service providers

For each service provider (client) that uses the identity provider, an entry in the service providers section of the config is needed. It has two values:

service_providers:
  - name: "local:aem:author"
    response_url: "http://localhost:14502/saml_login"
  • name is the service provider entity id that the service provider sends with each request.
  • response_url is the public url of the service provider. Once login has been completed, the browser will be redirected to this url.

Users

Users is a fairly self explanatory list of user credentials recognized by the IDP:

users:
  charlie:
    first_name: "Charlie"
    last_name: "Brown"
    email: "charlie@gmail.com"
    password: snoopy
    roles:
      - administrators

Configuring a generic Service Provider

  • Mock-IDP supports the POST binding protocol of SAML2.0.
  • By default mock-idp runs on port 5000 and the binding path is /saml.
  • the response message provides four attributes:
    • uid: The username
    • email: the user email address
    • firstName: The users first name
    • lastName: The users last name
  • The logout path is /saml/logout

Certificate keys

To generate a service provider Certificate, run the following commands:

$ openssl genrsa -out saml.pem 2048
$ openssl req -new -key saml.pem -out saml.csr
$ openssl x509 -req -days 365 -in saml.csr -signkey saml.pem -out saml.crt

This will produce three files:

  • saml.pem - The private key
  • saml.csr - The certificate signing request
  • saml.crt - The final certificate

Refer to your service provider documentation on how to install the certificate.

Running using Docker

Import local config into a docker container

To run the base config just start the service and map port 5000

$ docker run -p 5000:5000 bjornskoglund/mock-idp:0.4.0

Provided you have produced your config file containing service providers and user account information. You can inject into a docker container by the following:

$ docker run -p 5000:5000 -v <absolute path to your config>.yaml:/usr/local/mock-idp/mockidp.yaml bjornskoglund/mock-idp

Copy the cert/cert.pem file into your Service Provider (SP), and be sure that the ISSUER (entity id) provided by the SP matches the name: of the Service Provider in your config.

Development

Setup

Install pipenv with pip to handle dependencies

$ pip3 install -r requirements.txt

then install environment

$ pipenv install

Run from source:

$ pipenv run ./bin/mock-idp
...

All system config is located in mockidp/resources/default_config.yaml.

Compatibility

Mock-IDP has been tested with the following service providers

  • Adobe Experience Manager (AEM) 6.2
  • Node.js - saml2-js package

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Built Distribution

mock_idp-0.4.1-py3-none-any.whl (42.7 kB view hashes)

Uploaded py3

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Huawei Huawei PSF Sponsor Microsoft Microsoft PSF Sponsor NVIDIA NVIDIA PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page